package com.xy.contr;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class Hello {
    @GetMapping("/hello")
    public String hello(){
        return "你好";
    }

    @GetMapping("select")
    @PreAuthorize("hasAuthority('user:select')")
    public String select(){
        System.out.println("查询用户");
        return "查询用户";
    }
    @GetMapping("insert")
    @PreAuthorize("hasAuthority('user:insert')")
    public String insert(){
        System.out.println("添加用户");
        return "添加用户";
    }
    @GetMapping("update")
    @PreAuthorize("hasAuthority('user:update')")
    public String update(){
        System.out.println("修改用户");
        return "修改用户";
    }
    @GetMapping("delete")
    @PreAuthorize("hasAuthority('user:delete')")
    public String delete(){
        System.out.println("删除用户");
        return "删除用户";
    }
    @GetMapping("export")
    @PreAuthorize("hasAuthority('user:export')")
    public String export(){
        System.out.println("导出用户");
        return "导出用户";
    }
    @GetMapping("/info")
    public Authentication info(){
        //获取SecurityContext对象
        SecurityContext context = SecurityContextHolder.getContext();
        //把用户得到信息封装到Authontication类中--用户名---角色以及权限---状态[]
        org.springframework.security.core.Authentication authentication = context.getAuthentication();
        //通过authentication.getPrincipal();方法获取登录对象UserDetails
        UserDetails principal = (UserDetails) authentication.getPrincipal();
        //输出登录对象名;
        System.out.println(principal.getUsername());
        return authentication;
    }


}
